Leia Shilobod - Sharpen The Saw While Dulling The Knife

the search for key s leaders is hard to find first of all heaven have the strong background nor will you know small group like this right - yes the CEO of Integris illusions the ice princess of power she has authored two books in sought-after cyber security adviser often tends to speak in Syrian sites including it hard Pennsylvania State Department's along with multiple accountant and manufacture means two things Leah sagionara confirms an ex and keeps me compliant by delivering enterprise class I - security solutions or otherwise can prosper derivative let's have a round of applause

sentiment right side education for that interest mouse with an elephant a strong education is the most powerful weapon that can change the world no need to speak education on experiment panel as lighting a fire worth your educational institution is dead so we know that education is an utterly important yes when it comes to educating our end users security is all well done not without merit and if we have many layers of sophisticated and complex and expensive tools while I'm user computers although security by clicking one thing you're able to educate them and empower them we can decrease the possibility of it's happening

[Applause] [Music]

so that person in this room by the way oh my gosh

so let's start what about existing program Spanish so usually they fail because there's before the time so the designs before the reception is going to be before it well most trainees grantees which are tall or people are completing the treatise on a very government there's a lot of partnership all the times between the Human Resources 19 sometimes end-users feel like they're made tricked will be little yeah

at work we forget that you're working the bottom humans have been around for about 40,000 years time 6,000 so usually about my we have a very very still where we are looking all the time

thinking about that so what clear estimation presenting the information frequently learning multiple modalities and appropriately balanced assessment the importance of understanding doberman about adult learners want to eat the red are the dollars are internally motivated and self-worth they bring life experiences and knowledge to learning their goal-oriented relevancy oriented compatible adult learners like to be perspective so think about that right now what you're doing in your environment to be able to help train and others are you reminding with this or are the completely opposite stuff these are programs for big things that you have to get about frequency that you're going to be trained the contents the approaches would take an assuring that all this is back of the

documentation of policy so that it actually happens

organization we do a live webinar during the live webinar always they should have time for just an answer because you want to allow people to keep clarity for what you're talking about and you also want to listen to the questions because those questions are clues about their behavior and all the way that they're thinking about the ice beam superior organization

right oh I clicked on this memory should I get in touch my computer I want you to send this new player in California and in California your coach shouldn't using ample storage money I remember writing for tens of thousands of years how we learn how to pass on information we both stories with stories around the Empire humans are wired to remember things to story time is the most key way as to be able to reach our end users to tell stories Balam story that allows inducers be able to sell personally the situation if you just say you have to make sure so they can tell a story about what my were out there planting happen or some into the

organization that story that so what kind of stories in Utah tell stories from the news where they everybody eat all the highly publicized big reach to the end recover those stories retouch how they have it tell us already that happen in your region

based artists bring their clients the CEO of michigan-based factory with lot of use our online name and she watched she saw billions of dollars sweeping out of her hat fear frustration called for me now the banker started reading but not until five point two million dollars or not it's also label you're trying to talk to us be you know here's eternal story birth bar a disgruntled employee from employee actually thought works at the moment have a group to get them access assistance she's found out it can hurt two courts Genesis is sitting on probation equipment but obviously the entire organizations record of compromised by into this hacker organization this happen right here in Pittsburgh right now the streets how

many times we've talked to people in the organization and say oh a lot of people would never do it and I'm stressed our people they're not going to be delicious you never know from the other side of that person's life you never know if they have pressure no financial issues and somebody sure loved and asked often this beep you the story to tell about I want to make sure are you in the office this is a favorite story writes itself tell everybody dispatches the national story itself your organization because they continue to use this social engineering strategy it so many times and they're like oh my gosh we're gonna say happening for so long three years and

you guys haven't gotten us yet that's right I love it with the office I love them even how they open it up to the CEO yes I'm in the office with me oh and you combination area tech yeah the person in the office isn't it happen so it's gonna sound like nice video but you know if you be very very stressed and he doesn't think really fast so it may be a defendant if she replies back and she could no absolutely PLO the informations that I can add this new vendor to our housing systems I think he knows that no but I'll also be that information later he's gonna check she pushes back because they have a big process that requires

this Pio to be able to process each other she push the back but I'll forward the invoice later now she's a great for the job she's pushing back against the CEO so she passed the check and she sounds the check and let it should find out that this was a hacker and that basically shut - Wow we're lucky it was a treat pace that it stopped the check but often times they ask for wires or at least gauge once you like something that will be gone you cannot get it back it's not covered by FDIC you're going to retrieve it for you with your sol stories like this all the council members until they have to be

vigilance

they are so right you got a pretty car but sharp singing a little bit's igniter you check what was the difference the differences in the delivery and the ownership right infant set up hey we're speaking about doing the same on the cars but if you do it and you're going a little bit take medication we should be do it and they ownership they said yes yes it should that way of it think about that for the education or the understanding of products for selected powers over around and through what you put in place totally no I'm not hearing and your bar for the importance of even before that that's really or in the average there

now about 200 day before I music government that loves very morning consider on their having service you know you don't have to create all this content all by yourself you can even get somebody come in and help you create

examples so you know that about 30% of users actually don't know antivirus with other computers what it looks like let's call be able to say this is comments like mr. Trebek this is pops up if something pops something doesn't look like this eat it calls right away if you don't think explain things about filter what does it do why is it important I think bigger de-rated from solution and read back to you

and

but I don't see new and that will arrive early about 20 to 30 minutes early and then I'm an ass I walk in I'll try to get past exception even though you're supposed to top of those things to be super

[Music]

so actually yes to be documentation about now I understand we do a bit of exercise and you find all these do holes or gaps figuration and forget it I understand to dump the out music not to be helpful but when there are incidents that are either vegetable by the desert like putting on something happening on something having a secure password or anything like that it should be shared throughout the organization

now I'm 58 having written documentation and policies they have plastic stirrings if you like them even better than they might have documenting all the work we've done reinforces the philosophy a security popular vacation house right I'll just pop you know you bought the entire organization have agreed the highest levels is their philosophy and our approach period the lines clearly who is responsible for security throughout the entire organization we all know everyone at every level is responsible for security I see a organization even if you don't have a computer you're so responsible for physical security docile dress long strings it wasn't right about how think how secure environment has to be aware of all the past commonplace you have

justification for budgets and to be able to spend money on the action too big when it reached me to talk dirty for the security life but the antenna of coffee that every single company should have you know how of the house juts out and go to the standards of the Machine and down three boiler plate so you don't have to come up with something in scratch and not just have a policy you have to make sure that they're scientist I responsible parties who is supposed to be responsible for reviewing this and then in that arena policy it should show and explain the different area there is no separate innocence policies who's responsible for the counter role it

would talk to you about an event yearly larger organizations perhaps portly and the company changes so much but earth anytime there's the environment change this processes change those make sure that policy is still about well changes and the back policy and sure that policy is talk with you and obviously it's not enough to have all these to educate people about understand but this is the probably the organization it's an excellent place give about what you're doing in your environment and these are called nervous at home we are only following our information security policies their own

internal versions I see handy Highlands as he has a strong partnership of HR and management if you have all kinds of awesome ideas and they're not gonna back up by management

they kind of have to do to the strong partnership with HR so that as people come on board that they are asking it probably about talking of the network because you know what it's oftentimes those users that come and the new employees don't understand we're security staff or lakhtin impatient you know I'm able to say this makes them feel like they say these are policies on majority that this is our policy on commuter lot of Charlotte right here's some links to your program toolbox but they didn't forget about know before we're not

the only use on trade and video senior to give praise that oh thank you so much so the bishop you to send me that sample you're right officially now keep it up you already we're all same team right it's not actually a users

you do make sure we should have a written plan for your cyber security awareness program yeah pentesting ones here and pans and not even once in a while I am eager to know whenever a new day out careful to be aware of that's not really a plan that's totally up top kind of thing we don't want to do that we want bitten brands that anyone else come behind you and so implement that it's interactive engaging and trust me you can be sure excited offer praise to your users for the engineering literacy beautification all the questions and concerns

[Music]

all of our documents onedrive do we have a conversation a lot of yes it's up shop not only excellent right so we got these days to be able to say those things I wear in my top shadow itvbe get out of organization

so now you're all let's go and educate and diseases that piercing through security and they